Location: Jubail, SA

Senior Security Analyst, Information Technology

 Job Purpose:

The Senior Security Analyst will be responsible for providing support for complex computer network exploitation and defence techniques, including deterring, identifying and investigating computer and network intrusions; providing incident response and remediation support; performing comprehensive computer surveillance/monitoring; identifying vulnerabilities; and developing secure network designs and protection strategies.

 Key Accountabilities:

  • Knowledge and skills to implement and maintain compliance with HCIS, NCA, ISO27001, NIST CSF and other cybersecurity standards
  • Undertake a leading role in monitoring the network for security-related issues, advising on and implementing defensive measures through the use of industry-standard platforms
  • Liaise with internal departments and the security operations center to detect and mitigate threats to SASREF internal and DMZ networks
  • In-depth understanding of operating systems, network/system architecture, protocols, enterprise services, and enterprise architecture design
  • Ability to identify threats across a number of different monitoring systems used within the security industry
  • Experience responding to information security incidents
  • Hands-on experience in designing, managing and configuring Cisco and Fortinet Firewalls
  • Strong hands-on information security skills and experience
  • Understanding of threats, vulnerabilities, and exploits
  • Experience of working with SIEM/agent monitoring tools, correlating logs and using analytical techniques to perform investigations
  • Experience of using threat hunting concepts and a broad knowledge of how to string different data sets together to further an investigation.
  • Experience with Anti-virus and Anti-malware Technologies
  • Participate in the operation of the incident handling service when events have been detected
  • Ability to provide advice and support to other teams, customers and third party suppliers on detected security threats and advising of best course of action
  • Maintain awareness of changing security threats to enable enhancement of current tools and signatures and development of advanced tools to monitor network security
  • Responsible for the operation, support, development and enhancement of existing security systems
  • Demonstrable experience of operating a range of industry standard tools to detect and mitigate attacks.
  • Experience of dealing with post incident analysis, remediation and process improvement
  • Experience of delivering new tools and services to improve the security context of the organisation.
  • Experience of leading or managing a small team or group of specialists in a security context
  • Ability to clearly explain how improvements in tools, data collection, intelligence, policy, process or platforms will likely affect security outcomes.
  • Ability to represent the business, its security products, services, processes, policies and procedures to internal and external audiences.
  • Responsible for managing Next-Generation Firewalls, IPS, Data Classification Solution, Anti-Virus and Anti-Malware
  • Responsible for maintenance of security programs such as vulnerability assessment tools, authentication solutions, SIEM solution, firewall, security awareness and IPS.
  • Ability to supervise subordinates within the Division including assigning work activities and projects, monitor workflows and review results
  • Ability to supervise the maintenance of all security programs such as vulnerability assessment tools, authentication solutions, SIEM solution, firewall, security awareness and IPS.
  • Ability to supervise all risk assessment activities including vulnerability assessment, control assessment, likelihood determination and risk prioritization
  • Ability to supervise the 24x7 Security Operation Center (SOC)

Safety:

Workplace (WPS) and Process (PSM) Safety:

  • Ensure that measures to protect personal safety and well-being are always in place and that personal actions do not jeopardize the safety and well-being of others.
  • Adhere strictly to all IOWs, Safe Operating Procedures, and Safe Work Instructions - thus preventing potential WPS and PSM incidents at all times.
  • Always comply with the SASREF HSE Policy, the 5 Safety Principles and 12 Golden Safety Rules.

Performance Indicators:

  • No personal injury or injury to a third party.
  • No WPS or PSM incident caused.

 Qualifications & Experience:

  • Bachelor’s Degree in Computer Science, IT Security or any other related field
  • One or more of the following IT security qualifications or equivalent: CISSP, CEH, GIAC
  • Extensive operational experience working in a security-related role.
  • 5-10 years of related experience